Published on: January 01, 2013
STM32F4DISCOVERY is an ARM Cortex M4 development kit.
I don’t plan to write another toolchain setup guide for this board. You can install the toolchain and flash tool as per the instructions at the link below:
http://recursive-labs.com/blog/2012/05/07/stm32f4discovery-chibios-linux/ – read the section “Building the toolchain on Debian using “Summon Arm Toolchain””.
While installing the toolchain I got the error zlib.h: No such file or directory. On a Debian system you can fix this error by issuing
apt-get install zlib1g-dev
The ARM toolchain is built using the summon-arm-toolchain script. This script also installs a free, GPL V3 based firmware library known as libopencm3.
As mentioned above, the summon-arm-toolchain script also installs libopencm3, which generates some header files during installation. Generating these headers needs Python YAML support, and the build may stop if it is missing. You can fix this by running
apt-get install python-yaml
You can find examples for the STM32F4DISCOVERY at https://github.com/libopencm3/libopencm3/tree/master/examples/stm32/f4/stm32f4-discovery
Additional link for reference:
1) http://jeremyherbert.net/get/stm32f4_getting_started – this guide uses the examples from ST’s proprietary firmware library.
Published on: November 26, 2012
I have seen many people confused by the terms microcontroller and microprocessor. This post covers some basics that I know, and I will try to explain the concepts in a simple manner. Please post corrections, feedback, suggestions etc. in the comments.
Microcontrollers are small computers that can do data processing. With this capability we can design embedded systems (computers) such as hand-held video games, mobile phones, etc. Usually these embedded devices use a special range of microcontrollers built around a microprocessor called ARM. There are other ranges of microcontrollers (known as AVR, PIC, MSP430 etc.) with different microprocessors, which will be discussed later.
Microcontrollers and microprocessors are different. A microprocessor is a device that can only do data manipulation. We need to pass data (or a program) to the microprocessor; it then processes the data as instructed and gives the result back. Microprocessors cannot store large programs because they do not have large memories. They contain small memories called registers, which can hold only a small amount of data for data manipulation. This is a limitation of microprocessors: we need extra hardware to store our programs. This extra hardware is called RAM (Random Access Memory), ROM (Read Only Memory), etc. After the microprocessor does the data manipulation, we need to view the result on a screen (monitor). A microprocessor cannot write directly to a monitor; it again needs another special piece of hardware called a display controller. Building an embedded system from these separate parts is not easy, because an embedded system also needs additional hardware such as sensors, displays etc., and joining all of these together is not a simple task. This is where microcontrollers can help us.
Microcontrollers are different. In simple terms, a microcontroller is a chip containing a microprocessor together with its associated hardware (such as RAM, ROM, display drivers etc.). So building an embedded system with a microcontroller is easy.
If you want to understand microcontrollers and microprocessors more clearly, go ahead and read this paragraph; otherwise jump to the next one. Think about your computer. It has a monitor, keyboard, mouse, CPU, speakers etc. The computer’s CPU is the main part, to which we connect the monitor, keyboard, mouse, etc. The computer’s CPU contains a processor (which might be an Intel Pentium 4, an Intel Core i3 or an AMD Athlon), RAM (of 2GB, 8GB or some other capacity), a hard disk to store data etc. If you know computers well, you should know that a processor cannot do any work alone; it needs RAM, a hard disk etc. When you join them together, the computer’s CPU starts to work. It is the same with microcontrollers and microprocessors. You can imagine the processor (Intel Core i7 or AMD Athlon) as the microprocessor and the complete CPU (including hard disk, RAM and processor) as the microcontroller. With a processor alone we cannot do anything, but with a CPU we can connect a keyboard, mouse and monitor and do our daily work. I hope you now understand the difference between a microprocessor and a microcontroller.
There is no point in explaining each peripheral in more detail here; there are lots of tutorials on the Internet, and I would recommend reading those. My idea was to guide you into the world of computers. The main problem with engineers is that they know about computers but not about their internal working. If you want to know more about computers, go ahead and read the next paragraph. I would recommend this to all computer and electronics graduates.
Read the book The Elements of Computing Systems (From NAND to Tetris). This is a wonderful book which explains how computers work from top to bottom, i.e. how microprocessors are made, how they interact with the keyboard, monitor, etc., how a compiler works, how an operating system works etc. The most amazing part of this book is that it not only tells you how things work but also teaches you to write your own compiler, assembly programs, operating system etc. Don’t worry, it’s not a huge book. Try to get this book and read it while you are travelling by bus or whenever you want.
I would recommend you not to miss this book. Reading it alone will give you good knowledge; if you do the assignments in the book, it’s even better and you can easily understand computer systems. Please let me know your feedback after reading this awesome book!
Published on: May 06, 2012
Shown above is a BlueBoard LPC1768 header board. I got this board from NGX Technologies. It contains an ARM Cortex-M3 based LPC1768 microcontroller from NXP (Philips). NGX Technologies has similar ARM development boards which can be purchased from their webshop.
The NGX Technologies BlueBoard LPC1768 header board measures 95mm x 55mm. It has a power connector for DC power, and the board can also be powered through its mini USB port. It also has an LED and a switch (other than the reset switch) for basic operation. All the pins of the controller can be accessed through the header pins. There is also a JTAG port for debugging the ARM microcontroller, and an EEPROM chip to store information that survives power loss.
The greatest advantage of this board is that it can be flashed over its USB port; no separate flashing hardware or software is needed. Just plug the board into a USB port and press a button sequence. The board will then appear as a mass storage device (like a USB pen drive). The compiled bin just has to be copied onto the drive, and once the reset button is pressed, the new software starts to run. More information can be found here.
Header boards of this type are really helpful when you want to prototype your designs. It is really hard for a newbie, and time consuming even for an expert, to design a PCB for the microcontroller before starting development. This board contains all the basic circuitry to bring up the microcontroller and start development.
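One catch with the USB mass-storage flashing described above, which the post does not mention: the NXP bootloader on the LPC1768 (UM10360, “Criterion for Valid User Code”) only boots an image whose first eight vector-table words sum to zero, with word 7 at offset 0x1C holding the 2’s complement checksum; a .bin that fails this check leaves the board sitting in bootloader mode after reset. The following Python script is an added example, not the post’s or NGX’s code; it verifies and patches that checksum on a raw .bin, using a constructed sample image.

```python
import struct

# NXP UM10360, "Criterion for Valid User Code": the bootloader accepts an
# image only if the first eight 32-bit vector-table entries sum to zero
# (mod 2**32). Entry 7 (byte offset 0x1C) holds the 2's complement of the
# sum of entries 0..6, so a linker that leaves it zero produces an image
# the USB bootloader silently rejects.
CHECKSUM_OFFSET = 0x1C


def compute_vector_checksum(image: bytes) -> int:
    """Value entry 7 must hold so that entries 0..7 sum to zero."""
    if len(image) < 8 * 4:
        raise ValueError("image too short to contain a Cortex-M3 vector table")
    entries = struct.unpack_from("<7I", image, 0)
    return (-sum(entries)) & 0xFFFFFFFF


def has_valid_checksum(image: bytes) -> bool:
    """True if the bootloader would treat the image as valid user code."""
    if len(image) < 8 * 4:
        return False
    entries = struct.unpack_from("<8I", image, 0)
    return sum(entries) & 0xFFFFFFFF == 0


def patch_vector_checksum(image: bytes) -> bytes:
    """Return a copy of the image with entry 7 set to the correct checksum;
    an image that is already valid comes back unchanged."""
    fixed = bytearray(image)
    struct.pack_into("<I", fixed, CHECKSUM_OFFSET, compute_vector_checksum(image))
    return bytes(fixed)


def make_sample_image() -> bytes:
    """Constructed sample, not a real firmware: initial SP, reset vector,
    five handler addresses (Thumb bit set), a zero checksum slot, filler."""
    vectors = [0x10008000, 0x000000C1] + [0x000000D1] * 5 + [0]
    return struct.pack("<8I", *vectors) + b"\xFF" * 32


if __name__ == "__main__":
    img = make_sample_image()
    print("valid before:", has_valid_checksum(img))  # False
    print("valid after: ", has_valid_checksum(patch_vector_checksum(img)))  # True
```

To use it on a real build, read the .bin, run it through patch_vector_checksum, and write the result out before copying it to the drive.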
Some useful links:
1) Google Code page (contains complete source code and hardware design): http://code.google.com/p/blueboard-lpc1768/
2) Product page (contains more information about this product and various tools): http://shop.ngxtechnologies.com/product_info.php?cPath=21&products_id=65
3) Documents from NXP for the LPC1768: http://ics.nxp.com/support/documents/microcontrollers/?scope=LPC1768
Published on: November 18, 2011
This post contains a mail I wrote to the famous hacker Héctor Martín. The mail was regarding the basic steps in reverse engineering devices.
— MAIL BEGIN —
> 1) After opening a device, how do you understand which chip is the CPU ?
This is usually fairly obvious from the layout and the connectivity on the board. It really depends on the device, but it’s usually one of the larger chips, and may be connected to Flash memory, and/or to a quartz crystal. On larger devices it will have its own power supply, while on smaller ones the only telltale might be that it’s connected to most parts of the board. And of course, often you can just look up the part numbers and figure out what most chips are.
> 2) How are the firmwares extracted from the devices ? Is there a general principle ?
This depends heavily on the device. It can be as easy as connecting to a debug serial port and getting a text-based console into a bootloader that lets you dump the flash. Or it can be as hard as requiring a clock/power glitching setup in order to dump an internal mask ROM buried inside the CPU. Usually if the flash is external, you can remove it and dump it externally, or there might be a JTAG port through which you can read/write it. Microcontrollers with embedded flash usually have programming ports but the code is usually protected from readout; these are nearly impossible to dump unless you know of a specific vulnerability in the particular chip’s protection.
> 3) After getting a firmware dump how do you read it ?
If you know the CPU architecture in use, you run it through a disassembler and see if it makes sense. If you don’t know the architecture, you can try some educated guesses. After a while you learn to recognize some popular CPU architectures from a simple hex dump (e.g. ARM code sticks out like a sore thumb due to the condition code field, which means that every 32-bit word almost always starts with ‘E’). You can just use GNU binutils (objdump) to disassemble code (usually), but the IDA disassembler by Hex-Rays is quite popular in the reverse engineering community (albeit quite pricey). Sometimes the CPU architecture is unknown. I know some crazy people who can eventually make sense of an unknown binary and figure out what the opcodes mean, but I’m not one of them.
And sometimes if the firmware has very high entropy (it looks like “garbage” – no patterns, you learn to recognize this too) it usually means it’s either encrypted or compressed, so you might look to see whether you can find an offset after which there’s valid compressed data using a popular algorithm (zlib, LZMA, etc…). If it’s encrypted sometimes there are blockwise patterns (e.g. duplicated 16-byte or 8-byte blocks) that often mean it’s encrypted using a block cipher in ECB mode.
— MAIL END —
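As an added example illustrating Héctor’s answer to question 3 (this is not code from the mail): the following Python script applies the three heuristics he describes to a firmware dump, namely the ARM ‘E’ condition field, byte entropy, and repeated 8/16-byte blocks as an ECB tell. The sample blobs are constructed inside the script, not real firmware.

```python
import hashlib
import math
import struct
from collections import Counter


def arm_code_ratio(data: bytes, little_endian: bool = True) -> float:
    """Fraction of 32-bit words whose condition field (bits 31:28) is 0xE, the
    'always' condition that dominates classic 32-bit ARM (not Thumb) code."""
    fmt = "<I" if little_endian else ">I"
    n = len(data) // 4
    if n == 0:
        return 0.0
    hits = sum(1 for i in range(n)
               if struct.unpack_from(fmt, data, 4 * i)[0] >> 28 == 0xE)
    return hits / n


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte; values near 8.0 mean compressed or encrypted."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(c / total * math.log2(c / total) for c in Counter(data).values())


def repeated_block_count(data: bytes, block_size: int = 16) -> int:
    """Number of block-aligned chunks that repeat an earlier chunk. In data that
    otherwise looks random this is the classic sign of a block cipher in ECB mode."""
    blocks = [data[i:i + block_size]
              for i in range(0, len(data) - block_size + 1, block_size)]
    return sum(c - 1 for c in Counter(blocks).values() if c > 1)


def triage(data: bytes) -> str:
    """Rough first verdict on a dump from the three heuristics above."""
    if shannon_entropy(data) > 7.5:
        ecb = repeated_block_count(data, 16) or repeated_block_count(data, 8)
        return "ecb-pattern" if ecb else "compressed-or-encrypted"
    if arm_code_ratio(data) > 0.6:
        return "arm-code"
    return "unknown"


# Constructed samples (not real firmware): 64 ARM words (mov r0,#0 / nop / bx lr
# plus one conditional branch), 2 KiB of pseudo-random bytes from SHA-256, and
# the same bytes with the first 16-byte block repeated eight times.
ARM_SAMPLE = struct.pack("<64I", *([0xE3A00000, 0xE1A00000, 0xE12FFF1E] * 21 + [0x0A000001]))
RANDOM_SAMPLE = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(64))
ECB_SAMPLE = RANDOM_SAMPLE[:16] * 8 + RANDOM_SAMPLE[16:]
```

On a real dump, run triage over fixed-size windows rather than the whole file, since the offset where a compressed or encrypted section begins is exactly what the mail says to look for.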
Published on: October 30, 2011
Shown below is my new LS-CH1.0TL LinkStation Live 1TB Buffalo NAS, purchased from MediaMarkt (Germany).
It has one of my favourite features: it’s a hackable device, and you can flash a new GNU/Linux firmware. The Buffalo NAS is based on GNU/Linux, and they also provide its source code in the downloads section of their webpage.
There is also a dedicated hacking portal for the Buffalo NAS; the link is below:
Buffalo NAS-Central – http://buffalo.nas-central.org/wiki/Main_Page
I will post some hacks in my web log as I proceed.